Beast-Exploit is a Poc of BEAST attack against SSL/TLS, writing in python.it work with class :
– class Server: The secure server. A sample server, serving on his host and port waiting the client
– class Client: The unsecure post of the client can be a “unsecure” browser for example.
++ The client generate a random cookie and send it to the server through the proxy
++ The attacker by injecting javascript code can control the sending request of the client to the proxy -> server
– class ProxyTCPHandler(SocketServer.BaseRequestHandler):
++ Start a connection to the secure server and handle multiple socket connections between the client and the server Informe the attacker about the client’s frames or the server’s response
++ Finally redirect the data from the client to the server and inversely
– class Proxy: Assimilate to a MitmProxy
++ start a serving on his host and port and redirect the data to the server due to this handler